THAT WHICH IS CLAIMED IS: 



1 . A method of recovering from a failure of a 
5 primary distribution processor which provides secure 

communications over a network in a distributed workload 
environment having target hosts which are accessed 
through the primary distribution processor by a common 
network address, the method comprising the steps of: 
10 providing to a backup distribution processor 

information sufficient to restart communications through 
the primary distribution processor utilizing network 
security; 

detecting the failure of the primary distribution 
15 processor; 

restarting the communications utilizing network 
security at the backup distribution processor utilizing 
the provided information; 

routing both inbound and outbound communications 
20 with target hosts utilizing the common network address 

and which are associated with a secure network 
communication through the backup distribution processor; 
and 

processing the inbound and outbound secure network 
25 communications at the backup distribution processor so as 

to provide network security processing of the inbound and 
outbound communications. 

2. A method according to Claim 1, further 

30 comprising the step of maintaining information sufficient 

to restart communications through the backup distribution 
processor accessible to at least one distribution 
processor other than the backup distribution processor. 
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3. A method according to Claim 1, wherein the step 
of providing information sufficient to restart 
communications comprises the steps of transmitting 
network security information from which network security 

5 relationships associated with the communications through 

the primary distribution processor utilizing network 
security can be re-established at the backup distribution 
processor from the primary distribution processor to the 
backup distribution processor prior to failure of the 
10 primary distribution processor. 

4. A method according to Claim 1, wherein the step 
of providing information sufficient to restart 
communications comprises the step of storing in a common 

15 storage accessible to the backup distribution processor, 

network security information from which network security 
relationships associated with the communications through 
the primary distribution processor can be re-established 
at the backup distribution processor. 

20 

5. A method according to Claim 4, wherein the step 
of restarting the communications utilizing network 
security at the backup distribution processor utilizing 
the provided information, comprises the following steps 

25 carried out by the backup distribution processor: 

obtaining the network security information from the 
common storage ; 

establishing the security relationships associated 
with the communications through the primary distribution 
30 processor at the backup distribution processor; and 

notifying target hosts associated with the 
communications that the backup distribution processor has 
taken ownership of the communications . 
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6. A method according to Claim 5, further 
comprising the step of clearing the network security 
information from the common storage subsequent to the 
backup distribution processor obtaining the network 

5 security information from the common storage. 

7. A method according to Claim 5, further 
comprising the step of storing in the common storage, 
network security information from which network security 

10 relationships associated with the communications through 

the backup distribution processor can be re-established 
at another distribution processor. 

8. A method according to Claim 5, further 

15 comprising the step of identifying as non-distributed 

communications, communications to the backup distribution 
processor utilizing network security which were 
previously distributed communications routed through the 
primary distribution processor. 



20 



9. A method according to Claim 5, wherein the 
network security comprises Internet Protocol Security 
(IPSec) . 



2 5 10. A method according to Claim 9, wherein the 

network security information stored in the common storage 
includes at least one of Phase 1 Security Association 
(SA) information, Phase 2 SA information and information 
relating the Phase 1 SA information to the Phase 2 SA 

3 0 information. 



11. A method of recovering from a failure of a 
first routing communication protocol stack which routes 
for Internet Protocol Security (IPSec) communications 
3 5 between a network and a plurality of application 
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instances executing on a cluster of data processing 
systems utilizing a virtual Internet Protocol Address 
(VIPA) Distributor and which distributes communications 
for connections to at least one dynamically routable VIPA 
5 (DVIPA) to a plurality of target communication protocol 

stacks, the method comprising the steps of: 

detecting failure of the first routing communication 
protocol stack at a second routing communication protocol 
stack; 

10 reading ISPec information associated with the at 

least one DVIPA from a coupling facility of the cluster 

of data processing systems; 

renegotiating IPSec SAs between the second routing 

communication protocol stack and remote IPSec peers 
15 utilizing the at least one DVIPA based on the IPSec 

information read from the coupling facility; 

re-routing the connections to the at least one DVIPA 

utilizing IPSec through the second routing communication 

protocol stack; and 

2 0 performing IPSec processing for the re-routed 

connections to the at least one DVIPA at the second 
routing communication protocol stack utilizing the 
renegotiated IPSec SAs. 

25 12 . A method according to Claim 11, wherein the 

step of renegotiating IPSec SAs comprises the steps of: 

notifying an instance of an Internet Key Exchange 
(IKE) application associated with the second routing 
communication protocol stack of the failure of the first 

3 0 routing communication protocol stack; 

providing the read IPSec information to the IKE 
application; 

negotiating new IPSec SAs associated with the at 
least one DVIPA utilizing the IKE application; and 
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installing the new IPSec SAs in the second routing 
communication protocol stack. 



13. A method according to Claim 12, wherein the 
5 IPSec SAs comprise Phase 1 SAs and Phase 2 SAs, the 

method further comprising steps of : 

storing new Phase 1 SA information in the coupling 
facility; 

storing new Phase 2 SA information in the coupling 
10 facility. 

14. A method according to Claim 11, further 
comprising the step of clearing the IPSec information 
from the coupling facility after the IPSec information is 

15 read from the coupling facility. 

15. A method according to Claim 11, wherein the 
first routing communication protocol stack carries out 
the steps of : 

20 establishing IPSec SAs with remote IPSec peers 

utilizing the at least one DVIPA; and 

storing IPSec SA information in the coupling 
facility sufficient to allow renegotiation of the 
established IPSec SAs . 

25 

16. A method according to Claim 11, wherein the 
IPSec SA information comprises at least one of cached 
Phase 1 SA policies, Phase 1 SA identifications, 
information correlating Phase 1 SAs and Phase 2 SAs , 

30 dynamic filter selectors and cryptographic policies. 

17. A method according to Claim 16, wherein the 
IPSec SA information further comprises IPSec Security 
Parameter Indexes (SPIs) and protocols for the Phase 2 

35 SAs. 
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18. A method according to Claim 17, further 
comprising the steps of : 

installing IPSec dynamic filters in the second 
routing communication protocol stack; and 
5 removing duplicates of active dynamic filters. 

19. A method according to Claim 17, further 
comprising the step of sending a delete to an IKE 
associated with the first routing communication protocol 

10 stack for IPSec SAs that were active on the first routing 

communication protocol stack. 

20. A system for recovering from a failure of a 
primary distribution processor which provides secure 

15 communications over a network in a distributed workload 

environment having target hosts which are accessed 
through the primary distribution processor by a common 
network address, comprising: 

means for providing to a backup distribution 

2 0 processor information sufficient to restart 

communications through the primary distribution processor 
utilizing network security; 

means for detecting the failure of the primary 
distribution processor; 

2 5 means for restarting the communications utilizing 

network security at the backup distribution processor 
utilizing the provided information; 

means for routing both inbound and outbound 
communications with target hosts utilizing the common 

3 0 network address and which are associated with a secure 

network communication through the backup distrxbution 
processor; and 

means for processing the inbound and outbound secure 
network communications at the backup distribution 
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processor so as to provide network security processing of 
the inbound and outbound communications. 

21. A system for recovering from a failure of a 

5 first routing communication protocol stack which routes 

for Internet Protocol Security (IPSec) communications 
between a network and a plurality of application 
instances executing on a cluster of data processing 
systems utilizing a virtual Internet Protocol Address 

10 (VIPA) Distributor and which distributes communications 

for connections to at least one dynamically rout able VIPA 
(DVIPA) to a plurality of target communication protocol 
stacks, comprising: 

means for detecting failure of the first routing 

15 communication protocol stack at a second routing 

communication protocol stack; 

means for reading ISPec information associated with 
the at least one DVIPA from a coupling facility of the 
cluster of data processing systems ; 

2 0 means for renegotiating IPSec SAs between the second 

routing communication protocol stack and remote IPSec 
peers utilizing the at least one DVIPA based on the IPSec 
information read from the coupling facility; 

means for re-routing the connections to the at least 
25 one DVIPA utilizing IPSec through the second routing 

communication protocol stack; and 

means for performing IPSec processing for the re- 
routed connections to the at least one DVIPA at the 
second routing communication protocol stack utilizing the 

3 0 renegotiated IPSec SAs. 

22. A computer program product for recovering from 
a failure of a primary distribution processor whxch 
provides secure communications over a network in a 
distributed workload environment having target hosts 
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which are accessed through the primary distribution 
processor by a common network address, comprising: 

a computer readable medium having computer readable 
program code embodied therein, the computer readable 
5 program code comprising: 

computer readable program code which provides to a 
backup distribution processor information sufficient to 
restart communications through the primary distribution 
processor utilizing network security; 
10 computer readable program code which detects the 

failure of the primary distribution processor; 

computer readable program code which restarts the 
communications utilizing network security at the backup 
distribution processor utilizing the provided 
15 information; 

computer readable program code which routes both 
inbound and outbound communications with target hosts 
utilizing the common network address and which are 
associated with a secure network communication through 
20 the backup distribution processor; and 

computer readable program code which processes the 
inbound and outbound secure network communications at the 
backup distribution processor so as to provide network 
security processing of the inbound and outbound 
25 communications . 



23 . A computer program product for recovering from 
a failure of a first routing communication protocol stack 
which routes for Internet Protocol Security (IPSec) 
3 0 communications between a network and a plurality of 

application instances executing on a cluster of data 
processing systems utilizing a virtual Internet Protocol 
Address (VIPA) Distributor and which distributes 
communications for connections to at least one 
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dynamically routable VIPA (DVIPA) to a plurality of 
target communication protocol stacks, comprising: 

a computer readable medium having computer readable 
program code embodied therein, the computer readable 
5 program code comprising: 

computer readable program code which detects failure 
of the first routing communication protocol stack at a 
second routing communication protocol stack; 

computer readable program code which reads IPSec 
10 information associated with the at least one DVIPA from a 

coupling facility of the cluster of data processing 
systems ; 

computer readable program code which renegotiates 
IPSec SAs between the second routing communication 
15 protocol stack and remote IPSec peers utilizing the at 

least one DVIPA based on the IPSec information read from 
the coupling facility; 

computer readable program code which re-routes the 
connections to the at least one DVIPA utilizing IPSec 
20 through the second routing communication protocol stack; 

and 

computer readable program code which performs IPSec 
processing for the re-routed connections to the at least 
one DVIPA at the second routing communication protocol 
25 stack utilizing the renegotiated IPSec SAs. 
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